CVE-2025-34248
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-09

Last updated on: 2025-10-14

Assigner: VulnCheck

Description
D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability within /api/web/dnc/global/database/deleteBackup due to improper sanitization of the deleteBackupList parameter. This can allow an authenticated attacker to delete arbitrary files impacting the integrity and availability of the system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-09
Last Modified
2025-10-14
Generated
2026-06-16
AI Q&A
2025-10-09
EPSS Evaluated
2026-06-14
NVD
CVE-2025-34248
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
d-link nuclias_connect *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-34248 is a directory traversal vulnerability in D-Link Nuclias Connect firmware versions prior to 1.3.1.4. It exists in the /api/web/dnc/global/database/deleteBackup endpoint due to improper sanitization of the deleteBackupList parameter. This flaw allows an authenticated attacker to delete arbitrary files on the system, which can compromise the system's integrity and availability. [1]

Impact Analysis

This vulnerability can allow an authenticated attacker to delete arbitrary files on the affected system, impacting the integrity and availability of the system. This means critical files could be removed, potentially causing system malfunction, data loss, or service disruption. [1]

Detection Guidance

This vulnerability can be detected by checking if your D-Link Nuclias Connect firmware version is prior to 1.3.1.4 and by monitoring or testing the endpoint /api/web/dnc/global/database/deleteBackup for improper sanitization of the deleteBackupList parameter. Since the vulnerability requires authentication, you can attempt to authenticate and send crafted requests to this endpoint to see if arbitrary file deletion is possible. Network monitoring tools can be used to detect suspicious requests targeting this endpoint. Specific commands are not provided in the resources. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade the D-Link Nuclias Connect firmware to version 1.3.1.4 or later, where this directory traversal vulnerability has been fixed. Additionally, restrict access to the affected API endpoint to trusted users only and monitor for any suspicious activity involving the deleteBackupList parameter. Ensure that only authenticated and authorized users can access the system to reduce risk. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34248. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart